The Linux version of VMware products includes a program called 'vmware-authd', which is installed set-uid root. When this program is executed, it reads configuration options from the executing user's VMware configuration file. One such option allows the user to specify the directory in which to look for shared library modules needed by the program. By loading a specially crafted library, an attacker can execute arbitrary code with elevated privileges.

Analysis:
Exploitation of this vulnerability results in the execution of arbitrary code with root privileges. In order to exploit this vulnerability, an attacker must have access to execute the set-uid vmware-authd binary on an affected system. No additional credentials are needed.

Workaround:
To prevent exploitation of this vulnerability, modify the file permissions for the vmware-authd set-uid binary. Possible choices include removing the set-uid bit, or only allowing members of a trusted group to execute the binary.
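
One way to check and apply either workaround, as an added example that is not part of the original advisory. The path to the binary and the trusted group name are supplied by the administrator on the command line because the advisory names neither; the script assumes GNU stat.

```shell
#!/bin/sh
# Added example (not from the advisory): audit and apply the workaround.
# Usage: sh harden_authd.sh <path-to-vmware-authd> strip
#        sh harden_authd.sh <path-to-vmware-authd> group <trusted-group>
# The path and group are supplied by the admin; the advisory names neither.

# audit_setuid FILE: print "not-setuid", "exposed" (set-uid and executable
# by everyone) or "restricted" (set-uid, but "other" cannot execute).
audit_setuid() {
    m=$(stat -c '%a' "$1") || return 2      # GNU stat: octal mode, e.g. 4755
    perm=$(( 0$m ))                          # leading 0 => parsed as octal
    if [ $(( perm & 04000 )) -eq 0 ]; then
        echo "not-setuid"
    elif [ $(( perm & 0001 )) -ne 0 ]; then
        echo "exposed"
    else
        echo "restricted"
    fi
}

# apply_workaround FILE strip        -> remove the set-uid bit
# apply_workaround FILE group GROUP  -> keep set-uid, trusted group only
apply_workaround() {
    case "$2" in
        strip)
            chmod u-s "$1" ;;
        group)
            [ -n "$3" ] || { echo "group name required" >&2; return 1; }
            # chgrp first: Linux clears set-uid when ownership changes,
            # so the mode must be set after the group.
            chgrp "$3" "$1" && chmod 4750 "$1" ;;
        *)
            echo "unknown mode: $2" >&2; return 1 ;;
    esac
}

# Run against a real binary only when a path is given on the command line.
if [ $# -ge 2 ]; then
    echo "before: $(audit_setuid "$1")"
    apply_workaround "$@"
    echo "after:  $(audit_setuid "$1")"
fi
```

Removing the set-uid bit may stop features that rely on vmware-authd running as root from working for unprivileged users; the group option keeps them available to the trusted group only.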